github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-20 08:14:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Now switched to slf4j

Browse Source 
Former-commit-id: 880512e5998d86026cfec40b1a8a165dd6b4b8e1
This commit is contained in:
Will Stranathan
2015-06-16 18:50:05 -04:00
parent 1b4cb1379a
commit 8aca739f54
74 changed files with 1718 additions and 818 deletions
Download Patch File Download Diff File Expand all files Collapse all files

258
dependency-check-ant/src/main/java/org/owasp/dependencycheck/ant/logging/AntLoggerAdapter.java Normal file
View File

@@ -0,0 +1,258 @@
/*
* This file is part of dependency-check-ant.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.ant.logging;
import org.apache.tools.ant.Project;
import org.apache.tools.ant.Task;
import org.slf4j.helpers.FormattingTuple;
import org.slf4j.helpers.MarkerIgnoringBase;
import org.slf4j.helpers.MessageFormatter;
/**
* An instance of {@link org.slf4j.Logger} which simply calls the log method
* on the delegate Ant task
*
* @author colezlaw
*/
public class AntLoggerAdapter extends MarkerIgnoringBase {
private Task task;
public AntLoggerAdapter(Task task) {
super();
this.task = task;
}
public void setTask(Task task) {
this.task = task;
}
@Override
public boolean isTraceEnabled() {
// Might be a more efficient way to do this, but Ant doesn't enable or disable
// various levels globally - it just fires things at registered Listeners.
return true;
}
@Override
public void trace(String msg) {
task.log(msg, Project.MSG_VERBOSE);
}
@Override
public void trace(String format, Object arg) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg);
task.log(tp.getMessage(), Project.MSG_VERBOSE);
}
}
@Override
public void trace(String format, Object arg1, Object arg2) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg1, arg2);
task.log(tp.getMessage(), Project.MSG_VERBOSE);
}
}
@Override
public void trace(String format, Object... arguments) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arguments);
task.log(tp.getMessage(), Project.MSG_VERBOSE);
}
}
@Override
public void trace(String msg, Throwable t) {
if (task != null) {
task.log(msg, t, Project.MSG_VERBOSE);
}
}
@Override
public boolean isDebugEnabled() {
return true;
}
@Override
public void debug(String msg) {
if (task != null) {
task.log(msg, Project.MSG_DEBUG);
}
}
@Override
public void debug(String format, Object arg) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg);
task.log(tp.getMessage(), Project.MSG_DEBUG);
}
}
@Override
public void debug(String format, Object arg1, Object arg2) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg1, arg2);
task.log(tp.getMessage(), Project.MSG_DEBUG);
}
}
@Override
public void debug(String format, Object... arguments) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arguments);
task.log(tp.getMessage(), Project.MSG_DEBUG);
}
}
@Override
public void debug(String msg, Throwable t) {
if (task != null) {
task.log(msg, t, Project.MSG_DEBUG);
}
}
@Override
public boolean isInfoEnabled() {
return true;
}
@Override
public void info(String msg) {
if (task != null) {
task.log(msg, Project.MSG_INFO);
}
}
@Override
public void info(String format, Object arg) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg);
task.log(tp.getMessage(), Project.MSG_INFO);
}
}
@Override
public void info(String format, Object arg1, Object arg2) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg1, arg2);
task.log(tp.getMessage(), Project.MSG_INFO);
}
}
@Override
public void info(String format, Object... arguments) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arguments);
task.log(tp.getMessage(), Project.MSG_INFO);
}
}
@Override
public void info(String msg, Throwable t) {
if (task != null) {
task.log(msg, t, Project.MSG_INFO);
}
}
@Override
public boolean isWarnEnabled() {
return true;
}
@Override
public void warn(String msg) {
if (task != null) {
task.log(msg, Project.MSG_WARN);
}
}
@Override
public void warn(String format, Object arg) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg);
task.log(tp.getMessage(), Project.MSG_WARN);
}
}
@Override
public void warn(String format, Object... arguments) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arguments);
task.log(tp.getMessage(), Project.MSG_WARN);
}
}
@Override
public void warn(String format, Object arg1, Object arg2) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg1, arg2);
task.log(tp.getMessage(), Project.MSG_WARN);
}
}
@Override
public void warn(String msg, Throwable t) {
if (task != null) {
task.log(msg, t, Project.MSG_WARN);
}
}
@Override
public boolean isErrorEnabled() {
return true;
}
@Override
public void error(String msg) {
if (task != null) {
task.log(msg, Project.MSG_ERR);
}
}
@Override
public void error(String format, Object arg) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg);
task.log(tp.getMessage(), Project.MSG_ERR);
}
}
@Override
public void error(String format, Object arg1, Object arg2) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arg1, arg2);
task.log(tp.getMessage(), Project.MSG_ERR);
}
}
@Override
public void error(String format, Object... arguments) {
if (task != null) {
FormattingTuple tp = MessageFormatter.format(format, arguments);
task.log(tp.getMessage(), Project.MSG_ERR);
}
}
@Override
public void error(String msg, Throwable t) {
if (task != null) {
task.log(msg, t, Project.MSG_ERR);
}
}
}

41
dependency-check-ant/src/main/java/org/owasp/dependencycheck/ant/logging/AntLoggerFactory.java Normal file
View File

@@ -0,0 +1,41 @@
/*
* This file is part of dependency-check-ant.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.ant.logging;
import org.apache.tools.ant.Task;
import org.slf4j.ILoggerFactory;
import org.slf4j.Logger;
/**
* An implementation of {@link org.slf4j.ILoggerFactory} which always returns
* {@link AntLoggerAdapter} instances.
*
* @author colezlaw
*/
public class AntLoggerFactory implements ILoggerFactory {
private AntLoggerAdapter antLoggerAdapter;
public AntLoggerFactory(Task task) {
super();
this.antLoggerAdapter = new AntLoggerAdapter(task);
}
public Logger getLogger(String name) {
return antLoggerAdapter;
}
}

34
dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTask.java
View File

@@ -21,9 +21,8 @@ import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.Project;
import org.apache.tools.ant.Task;
import org.apache.tools.ant.types.EnumeratedAttribute;
import org.apache.tools.ant.types.Reference;
@@ -40,8 +39,8 @@ import org.owasp.dependencycheck.dependency.Identifier;
import org.owasp.dependencycheck.dependency.Vulnerability;
import org.owasp.dependencycheck.reporting.ReportGenerator;
import org.owasp.dependencycheck.reporting.ReportGenerator.Format;
import org.owasp.dependencycheck.utils.LogUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.impl.StaticLoggerBinder;
/**
* An Ant task definition to execute dependency-check during an Ant build.
@@ -49,7 +48,6 @@ import org.owasp.dependencycheck.utils.Settings;
* @author Jeremy Long
*/
public class DependencyCheckTask extends Task {
/**
* The properties file location.
*/
@@ -62,16 +60,15 @@ public class DependencyCheckTask extends Task {
* System specific new line character.
*/
private static final String NEW_LINE = System.getProperty("line.separator", "\n").intern();
/**
* The logger.
*/
private static final Logger LOGGER = Logger.getLogger(DependencyCheckTask.class.getName());
/**
* Construct a new DependencyCheckTask.
*/
public DependencyCheckTask() {
super();
// Call this before Dependency Check Core starts logging anything - this way, all SLF4J messages from
// core end up coming through this tasks logger
StaticLoggerBinder.getSingleton().setTask(this);
}
//The following code was copied Apache Ant PathConvert
//BEGIN COPY from org.apache.tools.ant.taskdefs.PathConvert
@@ -349,7 +346,7 @@ public class DependencyCheckTask extends Task {
*/
@Deprecated
public void setProxyUrl(String proxyUrl) {
LOGGER.warning("A deprecated configuration option 'proxyUrl' was detected; use 'proxyServer' instead.");
log("A deprecated configuration option 'proxyUrl' was detected; use 'proxyServer' instead.", Project.MSG_WARN);
this.proxyServer = proxyUrl;
}
/**
@@ -925,9 +922,6 @@ public class DependencyCheckTask extends Task {
@Override
public void execute() throws BuildException {
final InputStream in = DependencyCheckTask.class.getClassLoader().getResourceAsStream(LOG_PROPERTIES_FILE);
LogUtils.prepareLogger(in, logFile);
dealWithReferences();
validateConfiguration();
populateSettings();
@@ -958,7 +952,7 @@ public class DependencyCheckTask extends Task {
cve.open();
prop = cve.getDatabaseProperties();
} catch (DatabaseException ex) {
LOGGER.log(Level.FINE, "Unable to retrieve DB Properties", ex);
log("Unable to retrieve DB Properties", ex, Project.MSG_DEBUG);
} finally {
if (cve != null) {
cve.close();
@@ -974,16 +968,15 @@ public class DependencyCheckTask extends Task {
showSummary(engine.getDependencies());
}
} catch (IOException ex) {
LOGGER.log(Level.FINE, "Unable to generate dependency-check report", ex);
log("Unable to generate dependency-check report", ex, Project.MSG_DEBUG);
throw new BuildException("Unable to generate dependency-check report", ex);
} catch (Exception ex) {
LOGGER.log(Level.FINE, "An exception occurred; unable to continue task", ex);
log("An exception occurred; unable to continue task", ex, Project.MSG_DEBUG);
throw new BuildException("An exception occurred; unable to continue task", ex);
}
}
} catch (DatabaseException ex) {
LOGGER.log(Level.SEVERE, "Unable to connect to the dependency-check database; analysis has stopped");
LOGGER.log(Level.FINE, "", ex);
log("Unable to connect to the dependency-check database; analysis has stopped", ex, Project.MSG_ERR);
} finally {
Settings.cleanup(true);
if (engine != null) {
@@ -1017,14 +1010,13 @@ public class DependencyCheckTask extends Task {
taskProperties = this.getClass().getClassLoader().getResourceAsStream(PROPERTIES_FILE);
Settings.mergeProperties(taskProperties);
} catch (IOException ex) {
LOGGER.log(Level.WARNING, "Unable to load the dependency-check ant task.properties file.");
LOGGER.log(Level.FINE, null, ex);
log("Unable to load the dependency-check ant task.properties file.", ex, Project.MSG_WARN);
} finally {
if (taskProperties != null) {
try {
taskProperties.close();
} catch (IOException ex) {
LOGGER.log(Level.FINEST, null, ex);
log("", ex, Project.MSG_DEBUG);
}
}
}
@@ -1176,7 +1168,7 @@ public class DependencyCheckTask extends Task {
final String msg = String.format("%n%n"
+ "One or more dependencies were identified with known vulnerabilities:%n%n%s"
+ "%n%nSee the dependency-check report for more details.%n%n", summary.toString());
LOGGER.log(Level.WARNING, msg);
log(msg, Project.MSG_WARN);
}
}

89
dependency-check-ant/src/main/java/org/slf4j/impl/StaticLoggerBinder.java Normal file
View File

@@ -0,0 +1,89 @@
/*
* This file is part of dependency-check-ant.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.slf4j.impl;
import org.apache.tools.ant.Task;
import org.owasp.dependencycheck.ant.logging.AntLoggerFactory;
import org.slf4j.ILoggerFactory;
import org.slf4j.spi.LoggerFactoryBinder;
/**
* The binding of {@link LoggerFactory} class with an actual instance of
* {@link ILoggerFactory} is performed using information returned by this class.
*
* @author colezlaw
*/
public class StaticLoggerBinder implements LoggerFactoryBinder {
/**
* The unique instance of this class
*
*/
private static final StaticLoggerBinder SINGLETON = new StaticLoggerBinder();
/**
* Return the singleton of this class.
*
* @return the StaticLoggerBinder singleton
*/
public static final StaticLoggerBinder getSingleton() {
return SINGLETON;
}
/**
* Ant tasks have the log method we actually want to call. So we hang onto
* the task as a delegate
*/
private Task task;
/**
* Set the Task which will this is to log through.
*
* @param task the task through which to log
*/
public void setTask(Task task) {
this.task = task;
loggerFactory = new AntLoggerFactory(task);
}
/**
* Declare the version of the SLF4J API this implementation is compiled
* against. The value of this filed is usually modified with each release.
*/
// to avoid constant folding by the compiler, this field must *not* be final
public static String REQUESTED_API_VERSION = "1.7.12"; // final
private static final String loggerFactoryClassStr = AntLoggerFactory.class.getName();
/**
* The ILoggerFactory instance returned by the {@link #getLoggerFactory}
* method should always be the smae object
*/
private ILoggerFactory loggerFactory;
private StaticLoggerBinder() {
loggerFactory = new AntLoggerFactory(task);
}
public ILoggerFactory getLoggerFactory() {
return loggerFactory;
}
public String getLoggerFactoryClassStr() {
return loggerFactoryClassStr;
}
}